Your dependencies are 278 days out of date and your pipelines aren’t protected
Applications continue to ship with known weaknesses even as development workflows speed up. A new Datadog State of DevSecOps 2026 report examines how dependency management and …
Security debt is becoming a governance issue for CISOs
Application security backlogs keep expanding across large development portfolios. Veracode’s 2026 State of Software Security Report puts numbers behind a familiar operational …
AI risk moves into the security budget spotlight
Enterprises are pushing AI deeper into workflows that touch sensitive data across cloud platforms and SaaS apps. The 2026 Thales Data Threat Report, based on a survey of 3,120 …
Ransomware activity peaks outside business hours
Intrusions continue to center on credential access and timed execution outside standard business hours. The Sophos Active Adversary Report 2026 analyzes 661 incident response …
The CISO role keeps getting heavier
Personal liability is becoming a routine part of the CISO job. In Splunk’s 2026 CISO Report, titled From Risk to Resilience in the AI Era, 78% of CISOs said they are concerned …
Industrial networks continue to leak onto the internet
Industrial operators continue to run remote access portals, building automation servers, and other operational technology services on public IP address ranges. Palo Alto …
The $19.5 million insider risk problem
Routine employee activity across corporate systems carries an average annual cost of $19.5 million per organization. That figure comes from the 2026 Cost of Insider Risks …
Open-source security debt grows across commercial software
Open source code sits inside nearly every commercial application, and development teams continue to add new dependencies. Black Duck’s 2026 Open Source Security and Risk …
Cyber valuations climb as capital concentrates, AI security expands
Venture funding in cybersecurity continued to concentrate in large private rounds at the end of 2025, driving valuations higher across stages. Data from DataTribe shows total …
Edge systems take the brunt of internet-wide exploitation attempts
Internet-facing VPNs, routers, and remote access services absorbed sustained exploitation attempts throughout the second half of 2025, with nearly 3 billion malicious sessions …
Security and complexity slow the next phase of enterprise AI agent adoption
Enterprise AI agents are embedded in routine business processes, particularly inside engineering and IT operations. Many organizations report active production deployments, …
Enterprises are racing to secure agentic AI deployments
AI assistants are tied into ticketing systems, source code repositories, chat platforms, and cloud dashboards across many enterprises. In some environments, these systems can …
Featured news
Resources
Don't miss
- Your dependencies are 278 days out of date and your pipelines aren’t protected
- Security debt is becoming a governance issue for CISOs
- BlacksmithAI: Open-source AI-powered penetration testing framework
- When cyber threats start thinking for themselves
- IronCurtain: An open-source, safeguard layer for autonomous AI assistants